Deploy kube-dns with cluster-proportional-autoscaler #33239
Conversation
k8s-github-robot
added
size/L
|
@MrHohn |
MrHohn
force-pushed
the
dns-autoscaler
branch
from
cc4f1b8
to
8b819f1
Compare
|
Review status: 0 of 20 files reviewed at latest revision, 3 unresolved discussions. cluster/addons/dns/Makefile, line 32 [r1] (raw file):
I don't see any parameterized variables in any of the new files that warrant the base -> yaml.in and base -> yaml.sed transformations. Until we need variable substitution, it might be simpler to just have kubedns-autoscaler-configmap.yaml and kubedns-autoscaler-deployment.yaml as plain yaml files. cluster/images/hyperkube/static-pods/addon-manager-multinode.json, line 14 [r1] (raw file):
Did you intend to commit this change? cluster/images/hyperkube/static-pods/addon-manager-singlenode.json, line 14 [r1] (raw file):
And this one? Comments from Reviewable |
|
Review status: 0 of 20 files reviewed at latest revision, 3 unresolved discussions. cluster/addons/dns/Makefile, line 32 at r1 (raw file):
|
k8s-github-robot
added
the
needs-rebase
|
For now the ConfigMap params ( As @bowei indicates, we should regenerate these params based on some real metrics. And before that, we need to well document this intermediate params. |
|
Review status: 0 of 20 files reviewed at latest revision, 10 unresolved discussions, some commit checks failed. cluster/addons/dns/kubedns-autoscaler-configmap.yaml.base, line 32 at r1 (raw file):
We don't need a 2nd replica for 4 cores. Maybe for 64 cores cluster/addons/dns/kubedns-autoscaler-deployment.yaml.base, line 20 at r1 (raw file):
You don't need the "v1" gunk in the name for a deployment. cluster/addons/dns/kubedns-autoscaler-deployment.yaml.base, line 24 at r1 (raw file):
I don't think you need this either cluster/addons/dns/kubedns-autoscaler-deployment.yaml.base, line 38 at r1 (raw file):
I would leave limits off, and let them default. I especially would not do burstable for memory. Get a sense of how much you think this really needs to set request properly. cluster/addons/dns/kubedns-autoscaler-deployment.yaml.base, line 48 at r1 (raw file):
This means we have to update this file when we update DNS. The only maybe-better answer I see is to set a selector here, and I don't think we want that. Open to ideas. cluster/addons/dns/kubedns-autoscaler-deployment.yaml.sed, line 1 at r1 (raw file):
I don't think you need the in/base/sed for these files - they don't have any templated content. Just yaml files should suffice. cluster/saltbase/salt/kube-addons/init.sls, line 95 at r1 (raw file):
This is not a jinja file, so it doesn't need this. Comments from Reviewable |
|
Is the hscaler itself committed? Reviewed 20 of 20 files at r1. Comments from Reviewable |
|
Thanks for all the comments. Not yet, actually that PR is the one waiting for review. |
MrHohn
force-pushed
the
dns-autoscaler
branch
from
8b819f1
to
c792303
Compare
MrHohn
changed the title
k8s-github-robot
removed
the
needs-rebase
|
The new commits deploy kube-dns with cluster-proportional-autoscaler by making the autoscaler itself as an addon. This feature is turned on by default for gci and container-VM on GCE. Notice that the this autoscaler still utilizes ConfigMap to retrieve autoscaling parameters, which is passed into the autoscaler pod by startup. This ConfigMap itself is not an addon, and Addon Manager will not reconcile it. Hence customers would be able to modify the autoscaling parameters. If this ConfigMap got deleted accidentally, autoscaler will manage to re-create it according to the default parameters passed in. Beside, a basic e2e test for this autoscaling feature is added. It covers cases like cluster size changed, parameters changed, ConfigMap got deleted, autoscaler pod got deleted, etc. Total running time around 5 mins. |
MrHohn
force-pushed
the
dns-autoscaler
branch
2 times, most recently
from
13ffc58
to
d0a4e03
Compare
| containers: | ||
| - name: autoscaler | ||
| image: gcr.io/google_containers/cluster-proportional-autoscaler-amd64:0.8.5 | ||
| imagePullPolicy: Always |
There was a problem hiding this comment.
Sorry, will remove this line.
MrHohn
force-pushed
the
dns-autoscaler
branch
2 times, most recently
from
5523410
to
4c859c0
Compare
|
@rmmh Sorry to bother. Ran |
|
The new commit sets cpu(20m)/memory(10Mi) request for the autoscaler pod. Limit is leaved unset. GKE config is updated. Also piped down the corresponding env variable to other cloudproviders. But dns autoscaling is turned on by default only on gce. |
|
Jenkins Kubemark GCE e2e failed for commit b7eeebf11538187412041464f93b2d86aef0181c. Full PR test history. The magic incantation to run this job again is |
|
Jenkins GKE smoke e2e failed for commit b7eeebf11538187412041464f93b2d86aef0181c. Full PR test history. The magic incantation to run this job again is |
|
Jenkins GCI GCE e2e failed for commit b7eeebf11538187412041464f93b2d86aef0181c. Full PR test history. The magic incantation to run this job again is |
|
Jenkins GCE etcd3 e2e failed for commit b7eeebf11538187412041464f93b2d86aef0181c. Full PR test history. The magic incantation to run this job again is |
|
Jenkins GCE e2e failed for commit b7eeebf11538187412041464f93b2d86aef0181c. Full PR test history. The magic incantation to run this job again is |
|
Jenkins GCI GKE smoke e2e failed for commit b7eeebf11538187412041464f93b2d86aef0181c. Full PR test history. The magic incantation to run this job again is |
The e2e tests cover cases like cluster size changed, parameters changed, ConfigMap got deleted, autoscaler pod got deleted, etc. They are separated into a fast part(could be run parallelly) and a slow part(put in [serial]). The fast part of the e2e tests cost around 50 seconds to run.
MrHohn
force-pushed
the
dns-autoscaler
branch
from
b7eeebf
to
452e6d8
Compare
|
Tests passed this time. |
|
LGTM, make sure you do https://github.com/kubernetes/kubernetes/pull/33239/files#r86699869 |
bprashanth
added
lgtm
bprashanth
added
release-note
|
I'm bumping to P2 because we need this to go in before #36008, but I want to lgtm that one as it's the last day before code freeze |
bprashanth
added
the
priority/backlog
|
@k8s-bot test this [submit-queue is verifying that this PR is safe to merge] |
|
Automatic merge from submit-queue |
Automatic merge from submit-queue CRI: Support string user name. #33239 and #34811 combined together broke the cri e2e test. https://k8s-testgrid.appspot.com/google-gce#gci-gce-cri The reason is that: 1) In dockershim and dockertools, we assume that `Image.Config.User` should be an integer. However, sometimes when user build the image with `USER nobody:nobody` or `USER root:root`, the field will become `nobody:nobody` and `root:root`. This makes dockershim to always return error. 2) The new kube-dns-autoscaler image is using `USER nobody:nobody`. (See https://github.com/kubernetes-incubator/cluster-proportional-autoscaler/blob/master/Dockerfile.in#L21) This doesn't break the normal e2e test, because in dockertools [we only inspect image uid if `RunAsNonRoot` is set](https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/dockertools/docker_manager.go#L2333-L2338), which is just a coincidence. However, in kuberuntime, [we always inspect image uid first](https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/kuberuntime/kuberuntime_container.go#L141). This PR adds literal `root` and `nobody` support. One problem is that `nobody` is not quite the same in different OS distros. Usually it should be `65534`, but some os distro doesn't follow that. For example, Fedora is using `99`. (See https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Q5GCKZ7Q7PAUQW66EV7IBJGSRJWYXBBH/?sort=date) Possible solution: * Option 1: ~~Just use `65534`. This is fine because currently we only need to know whether the user is root or not.~~ Actually, we need to pass the user id to runtime when creating a container. * Option 2: Return the uid as string in CRI, and let kuberuntime handle the string directly. This PR is using option 1. @yujuhong @feiskyer /cc @kubernetes/sig-node /cc @MrHohn
|
Fixes #27781. |
Automatic merge from submit-queue Migrates addons from RCs to Deployments Fixes #33698. Below addons are being migrated: - kube-dns - GLBC default backend - Dashboard UI - Kibana For the new deployments, the version suffixes are removed from their names. Version related labels are also removed because they are confusing and not needed any more with regard to how Deployment and the new Addon Manager works. The `replica` field in `kube-dns` Deployment manifest is removed for the incoming DNS horizontal autoscaling feature #33239. The `replica` field in `Dashboard` Deployment manifest is also removed because the rescheduler e2e test is manually scaling it. Some resource limit related fields in `heapster-controller.yaml` are removed, as they will be set up by the `addon resizer` containers. Detailed reasons in #34513. Three e2e tests are modified: - `rescheduler.go`: Changed to resize Dashboard UI Deployment instead of ReplicationController. - `addon_update.go`: Some namespace related changes in order to make it compatible with the new Addon Manager. - `dns_autoscaling.go`: Changed to examine kube-dns Deployment instead of ReplicationController. Both of above two tests passed on my own cluster. The upgrade process --- from old Addons with RCs to new Addons with Deployments --- was also tested and worked as expected. The last commit upgrades Addon Manager to v6.0. It is still a work in process and currently waiting for #35220 to be finished. (The Addon Manager image in used comes from a non-official registry but it mostly works except some corner cases.) @piosz @gmarek could you please review the heapster part and the rescheduler test? @mikedanese @thockin cc @kubernetes/sig-cluster-lifecycle --- Notes: - Kube-dns manifest still uses *-rc.yaml for the new Deployment. The stale file names are preserved here for receiving faster review. May send out PR to re-organize kube-dns's file names after this. - Heapster Deployment's name remains in the old fashion(with `-v1.2.0` suffix) for avoiding describe this upgrade transition explicitly. In this way we don't need to attach fake apply labels to the old Deployments.
This PR integrates cluster-proportional-autoscaler with kube-dns for DNS horizontal autoscaling.
Fixes #28648 and #27781.
This change is